PT-2013-2514 · Siemens · Siemens Wincc

Artem Chaykin

Published

2013-03-21

Updated

2013-03-22

CVE-2013-0669

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Siemens WinCC (TIA Portal) version 11

Description The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash, by sending a crafted HTTP request to the HMI web application.

Recommendations For version 11, apply the necessary patch or update to fix the issue, or consider temporarily restricting access to the HMI web application to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2013-0669

Affected Products

Siemens Wincc

PT-2013-2514 · Siemens · Siemens Wincc

CVE-2013-0669

Weakness Enumeration

Related Identifiers

Affected Products

References · 3